diff options
Diffstat (limited to 'spec/support/shared_examples/requests')
8 files changed, 231 insertions, 21 deletions
diff --git a/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb index 5257980d7df..09743c20fba 100644 --- a/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb @@ -7,13 +7,17 @@ RSpec.shared_context 'Composer user type' do |user_type, add_member| end end -RSpec.shared_examples 'Composer package index' do |user_type, status, add_member = true| +RSpec.shared_examples 'Composer package index' do |user_type, status, add_member, include_package| include_context 'Composer user type', user_type, add_member do + let(:expected_packages) { include_package == :include_package ? [package] : [] } + let(:presenter) { ::Packages::Composer::PackagesPresenter.new(group, expected_packages ) } + it 'returns the package index' do subject expect(response).to have_gitlab_http_status(status) expect(response).to match_response_schema('public_api/v4/packages/composer/index') + expect(json_response).to eq presenter.root end end end @@ -68,7 +72,7 @@ RSpec.shared_examples 'Composer package creation' do |user_type, status, add_mem expect(response).to have_gitlab_http_status(status) end - it_behaves_like 'a gitlab tracking event', described_class.name, 'register_package' + it_behaves_like 'a gitlab tracking event', described_class.name, 'push_package' end end @@ -85,7 +89,7 @@ end RSpec.shared_context 'Composer auth headers' do |user_role, user_token| let(:token) { user_token ? personal_access_token.token : 'wrong' } - let(:headers) { user_role == :anonymous ? {} : build_basic_auth_header(user.username, token) } + let(:headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) } end RSpec.shared_context 'Composer api project access' do |project_visibility_level, user_role, user_token| @@ -114,7 +118,7 @@ RSpec.shared_examples 'rejects Composer access with unknown group id' do end context 'as authenticated user' do - subject { get api(url), headers: build_basic_auth_header(user.username, personal_access_token.token) } + subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) } it_behaves_like 'process Composer api request', :anonymous, :not_found end @@ -130,7 +134,7 @@ RSpec.shared_examples 'rejects Composer access with unknown project id' do end context 'as authenticated user' do - subject { get api(url), headers: build_basic_auth_header(user.username, personal_access_token.token) } + subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) } it_behaves_like 'process Composer api request', :anonymous, :not_found end diff --git a/spec/support/shared_examples/requests/api/graphql/mutations/subscription_shared_examples.rb b/spec/support/shared_examples/requests/api/graphql/mutations/subscription_shared_examples.rb new file mode 100644 index 00000000000..40b88ef370f --- /dev/null +++ b/spec/support/shared_examples/requests/api/graphql/mutations/subscription_shared_examples.rb @@ -0,0 +1,69 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.shared_examples 'a subscribable resource api' do + include GraphqlHelpers + + let_it_be(:current_user) { create(:user) } + let(:project) { resource.project } + let(:input) { { subscribed_state: true } } + let(:resource_ref) { resource.class.name.camelize(:lower) } + + let(:mutation) do + variables = { + project_path: project.full_path, + iid: resource.iid.to_s + } + + graphql_mutation( + mutation_name, + variables.merge(input), + <<-QL.strip_heredoc + clientMutationId + errors + #{resource_ref} { + id + subscribed + } + QL + ) + end + + def mutation_response + graphql_mutation_response(mutation_name)[resource_ref]['subscribed'] + end + + context 'when the user is not authorized' do + it_behaves_like 'a mutation that returns top-level errors', + errors: ["The resource that you are attempting to access "\ + "does not exist or you don't have permission to "\ + "perform this action"] + end + + context 'when user is authorized' do + before do + project.add_developer(current_user) + end + + it 'marks the resource as subscribed' do + post_graphql_mutation(mutation, current_user: current_user) + + expect(response).to have_gitlab_http_status(:success) + expect(mutation_response).to eq(true) + end + + context 'when passing subscribe false as input' do + let(:input) { { subscribed_state: false } } + + it 'unmarks the resource as subscribed' do + resource.subscribe(current_user, project) + + post_graphql_mutation(mutation, current_user: current_user) + + expect(response).to have_gitlab_http_status(:success) + expect(mutation_response).to eq(false) + end + end + end +end diff --git a/spec/support/shared_examples/requests/api/milestones_shared_examples.rb b/spec/support/shared_examples/requests/api/milestones_shared_examples.rb index 77b49b7caef..249a7b7cdac 100644 --- a/spec/support/shared_examples/requests/api/milestones_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/milestones_shared_examples.rb @@ -266,6 +266,7 @@ RSpec.shared_examples 'group and project milestones' do |route_definition| let!(:milestone) do context_group ? create(:milestone, group: context_group) : create(:milestone, project: public_project) end + let!(:issue) { create(:issue, project: public_project) } let!(:confidential_issue) { create(:issue, confidential: true, project: public_project) } let!(:issues_route) do diff --git a/spec/support/shared_examples/requests/api/notes_shared_examples.rb b/spec/support/shared_examples/requests/api/notes_shared_examples.rb index a34c48a5ba4..7066f803f9d 100644 --- a/spec/support/shared_examples/requests/api/notes_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/notes_shared_examples.rb @@ -158,9 +158,11 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name| end it "creates an activity event when a note is created", :sidekiq_might_not_need_inline do - expect(Event).to receive(:create!) + uri = "/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/notes" - post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/notes", user), params: { body: 'hi!' } + expect do + post api(uri, user), params: { body: 'hi!' } + end.to change(Event, :count).by(1) end context 'setting created_at' do @@ -275,12 +277,53 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name| end describe "PUT /#{parent_type}/:id/#{noteable_type}/:noteable_id/notes/:note_id" do - it 'returns modified note' do - put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\ - "notes/#{note.id}", user), params: { body: 'Hello!' } + let(:params) { { body: 'Hello!', confidential: false } } - expect(response).to have_gitlab_http_status(:ok) - expect(json_response['body']).to eq('Hello!') + subject do + put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/notes/#{note.id}", user), params: params + end + + context 'when eveything is ok' do + before do + note.update!(confidential: true) + end + + context 'with multiple params present' do + before do + subject + end + + it 'returns modified note' do + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['body']).to eq('Hello!') + expect(json_response['confidential']).to be_falsey + end + + it 'updates the note' do + expect(note.reload.note).to eq('Hello!') + expect(note.confidential).to be_falsey + end + end + + context 'when only body param is present' do + let(:params) { { body: 'Hello!' } } + + it 'updates only the note text' do + expect { subject }.not_to change { note.reload.confidential } + + expect(note.note).to eq('Hello!') + end + end + + context 'when only confidential param is present' do + let(:params) { { confidential: false } } + + it 'updates only the note text' do + expect { subject }.not_to change { note.reload.note } + + expect(note.confidential).to be_falsey + end + end end it 'returns a 404 error when note id not found' do @@ -290,9 +333,9 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name| expect(response).to have_gitlab_http_status(:not_found) end - it 'returns a 400 bad request error if body not given' do + it 'returns a 400 bad request error if body is empty' do put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\ - "notes/#{note.id}", user) + "notes/#{note.id}", user), params: { body: '' } expect(response).to have_gitlab_http_status(:bad_request) end diff --git a/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb index 8d8483cae72..fcdc594f258 100644 --- a/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb @@ -122,7 +122,7 @@ RSpec.shared_examples 'process nuget workhorse authorization' do |user_type, sta context 'with a request that bypassed gitlab-workhorse' do let(:headers) do - build_basic_auth_header(user.username, personal_access_token.token) + basic_auth_header(user.username, personal_access_token.token) .merge(workhorse_header) .tap { |h| h.delete(Gitlab::Workhorse::INTERNAL_API_REQUEST_HEADER) } end @@ -180,6 +180,7 @@ RSpec.shared_examples 'process nuget upload' do |user_type, status, add_member = body: 'content' ) end + let(:fog_file) { fog_to_uploaded_file(tmp_object) } let(:params) { { package: fog_file, 'package.remote_id' => file_name } } @@ -400,7 +401,7 @@ RSpec.shared_examples 'rejects nuget access with unknown project id' do end context 'as authenticated user' do - subject { get api(url), headers: build_basic_auth_header(user.username, personal_access_token.token) } + subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) } it_behaves_like 'rejects nuget packages access', :anonymous, :not_found end diff --git a/spec/support/shared_examples/requests/api/packages_shared_examples.rb b/spec/support/shared_examples/requests/api/packages_shared_examples.rb index ec15d7a4d2e..6f4a0236b66 100644 --- a/spec/support/shared_examples/requests/api/packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/packages_shared_examples.rb @@ -2,7 +2,7 @@ RSpec.shared_examples 'deploy token for package GET requests' do context 'with deploy token headers' do - let(:headers) { build_basic_auth_header(deploy_token.username, deploy_token.token) } + let(:headers) { basic_auth_header(deploy_token.username, deploy_token.token) } subject { get api(url), headers: headers } @@ -15,7 +15,7 @@ RSpec.shared_examples 'deploy token for package GET requests' do end context 'invalid token' do - let(:headers) { build_basic_auth_header(deploy_token.username, 'bar') } + let(:headers) { basic_auth_header(deploy_token.username, 'bar') } it_behaves_like 'returning response status', :unauthorized end @@ -24,7 +24,7 @@ end RSpec.shared_examples 'deploy token for package uploads' do context 'with deploy token headers' do - let(:headers) { build_basic_auth_header(deploy_token.username, deploy_token.token).merge(workhorse_header) } + let(:headers) { basic_auth_header(deploy_token.username, deploy_token.token).merge(workhorse_header) } before do project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE) @@ -35,7 +35,7 @@ RSpec.shared_examples 'deploy token for package uploads' do end context 'invalid token' do - let(:headers) { build_basic_auth_header(deploy_token.username, 'bar').merge(workhorse_header) } + let(:headers) { basic_auth_header(deploy_token.username, 'bar').merge(workhorse_header) } it_behaves_like 'returning response status', :unauthorized end diff --git a/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb index fcc166ac87d..4954151b93b 100644 --- a/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb @@ -24,6 +24,20 @@ RSpec.shared_examples 'PyPi package creation' do |user_type, status, add_member it_behaves_like 'creating pypi package files' + context 'with a pre-existing file' do + it 'rejects the duplicated file' do + existing_package = create(:pypi_package, name: base_params[:name], version: base_params[:version], project: project) + create(:package_file, :pypi, package: existing_package, file_name: params[:content].original_filename) + + expect { subject } + .to change { project.packages.pypi.count }.by(0) + .and change { Packages::PackageFile.count }.by(0) + .and change { Packages::Pypi::Metadatum.count }.by(0) + + expect(response).to have_gitlab_http_status(:bad_request) + end + end + context 'with object storage disabled' do before do stub_package_file_object_storage(enabled: false) @@ -49,6 +63,7 @@ RSpec.shared_examples 'PyPi package creation' do |user_type, status, add_member body: 'content' ) end + let(:fog_file) { fog_to_uploaded_file(tmp_object) } let(:params) { base_params.merge(content: fog_file, 'content.remote_id' => file_name) } @@ -144,7 +159,7 @@ RSpec.shared_examples 'rejects PyPI access with unknown project id' do end context 'as authenticated user' do - subject { get api(url), headers: build_basic_auth_header(user.username, personal_access_token.token) } + subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) } it_behaves_like 'process PyPi api request', :anonymous, :not_found end diff --git a/spec/support/shared_examples/requests/snippet_shared_examples.rb b/spec/support/shared_examples/requests/snippet_shared_examples.rb index 644abb191a6..a17163328f4 100644 --- a/spec/support/shared_examples/requests/snippet_shared_examples.rb +++ b/spec/support/shared_examples/requests/snippet_shared_examples.rb @@ -106,3 +106,80 @@ RSpec.shared_examples 'snippet_multiple_files feature disabled' do expect(json_response).not_to have_key('files') end end + +RSpec.shared_examples 'snippet creation with files parameter' do + using RSpec::Parameterized::TableSyntax + + where(:path, :content, :status, :error) do + '.gitattributes' | 'file content' | :created | nil + 'valid/path/file.rb' | 'file content' | :created | nil + + '.gitattributes' | nil | :bad_request | 'files[0][content] is empty' + '.gitattributes' | '' | :bad_request | 'files[0][content] is empty' + + '' | 'file content' | :bad_request | 'files[0][file_path] is empty' + nil | 'file content' | :bad_request | 'files[0][file_path] should be a valid file path, files[0][file_path] is empty' + '../../etc/passwd' | 'file content' | :bad_request | 'files[0][file_path] should be a valid file path' + end + + with_them do + let(:file_path) { path } + let(:file_content) { content } + + before do + subject + end + + it 'responds correctly' do + expect(response).to have_gitlab_http_status(status) + expect(json_response['error']).to eq(error) + end + end + + it 'returns 400 if both files and content are provided' do + params[:file_name] = 'foo.rb' + params[:content] = 'bar' + + subject + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq 'files, content are mutually exclusive' + end + + it 'returns 400 when neither files or content are provided' do + params.delete(:files) + + subject + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq 'files, content are missing, exactly one parameter must be provided' + end +end + +RSpec.shared_examples 'snippet creation without files parameter' do + let(:file_params) { { file_name: 'testing.rb', content: 'snippet content' } } + + it 'allows file_name and content parameters' do + subject + + expect(response).to have_gitlab_http_status(:created) + end + + it 'returns 400 if file_name and content are not both provided' do + params.delete(:file_name) + + subject + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq 'file_name is missing' + end + + it 'returns 400 if content is blank' do + params[:content] = '' + + subject + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq 'content is empty' + end +end |